Digital Safety Transformation

By Taylor Schuler, Yokogawa

With work injuries on the increase, migrating to digital platforms to address worker safety has become a priority. Digital transformation simplifies the integration of new digital applications such as alarm lifecycle management, functional safety lifecycle management, shift team effectiveness and permit-to-work.

As the chemical process industries (CPI) pursue digital transformations, there is an increased emphasis on safety. How can digitalization benefit the many facets of safety in terms of assets, processes and employees working on-site and remotely?

A new digital risk management methodology combines four digital technologies to form the foundation of a sustainable safety regimen (Figure 1). A corporate alarm philosophy with systems to effectively manage the entire alarm lifecycle is the plant’s first line of defense to maintain operations within the safety envelope. A digital, process-safety lifecycle-management solution provides sustainable functional safety management. It focuses on a plant’s ability to identify risks and monitor performance with real-time data to ensure there are no incorrect assumptions or additional risks that were previously invisible.

In terms of human operators, shift team effectiveness is a structured approach to transferring knowledge from one shift to the next while maintaining safe and profitable operations. Finally, consolidating these methods in a common database provides transparency to controlled work, also known as permit-to-work, which minimizes potential incidents as both internal and external field workers execute their tasks in potentially hazardous scenarios.

While companies today are running leaner, data are becoming more plentiful, sometimes to an overwhelming degree. To account for the flood of data and the need to harness their value, digital twin technology has emerged as one of the most powerful disruptive technologies in the process industries today. The entire digital risk-management methodology, including alarm lifecycle management, process-safety lifecycle management, shift team effectiveness and controlled work, is implemented as a digital twin. The integration, analytics, and transparency enable the end-user to optimize safety.

FIGURE 1. Four core components comprise an overall digital risk management program (credit: Yokogawa)


Digital twins

A digital twin is a virtual, digital copy of a device, system, human or process that accurately mimics actual performance in real-time, can be configured or manipulated, and is executable through regular model runs, thus allowing development of a better future. A digital twin is a decision support tool that enables improved safety, reliability and profitability in design and operations.

Digital twins allow for advanced data analytics and operational insight, which can be used to guide day-to-day decisions and drive improvements. A digital representation’s ability to process enormous amounts of data and turn them into understandable formats enables better decision-making about manufacturing processes, predictive maintenance, end-of-life cycles and more, while ensuring that the performance of a process meets the expectations placed on it.

Digital twins also allow data consumers the freedom to experiment with future scenarios. Pushing equipment to physical failure is a costly and potentially dangerous task. Doing so with a digital twin offers insight into equipment limitations without the risk of real-world damage.

A key aspect of digitally transformed functional safety management is that it provides metrics and key performance indicators (KPIs), which enable financial justification through return-on-investment (ROI) analyses. Whereas safety has traditionally been solely a cost center, the new analyses allow comparisons against other potential capital projects.

Alarm lifecycle management

Alarm system management according to ISA 18.2 is fundamental to any CPI application today (Figure 2). The basic intent of ISA-18.2 is to improve safety. Poor alarm management, however, is one of the leading causes of unplanned downtime, contributing to over $20 billion in lost production every year, and of major industrial incidents.

Alarm management issues are numerous and widespread; alarm overload is one example. As formerly independent systems are integrated for more effective operation by fewer operators, each operator must monitor an increasingly wider area and, consequently, deal with more alarms. Without rigorous alarm rationalization efforts, alarm flooding becomes a serious problem and increases the risk of safety and environmental incidents.

A comprehensive approach to alarm management enables users to achieve safe and agile plant operations based on the concept of combining practical, bottom-up solutions with fundamental, top-down improvements. For example, an alarm management suite spans functions such as a centralized master alarm database, alarm reporting and analytics, sequence-of-events consolidation and dynamic alarm management. The applications in this suite support the end user’s corporate alarm philosophy and provide clarity to its practice daily. They expedite such activities as alarm rationalization, change management and continuous improvement of the alarm system.

FIGURE 2. Alarm system management according to ISA 18.2 is fundamental to any process industry application today (credit: Yokogawa)

The alarm master database assists managers and supervisors in monitoring, assessing and auditing the behavior of alarm setpoints as part of an alarm documentation and rationalization program. Analytics facilitate the quantitative analysis of problems in the control system event log. Plant operators are often faced with large numbers of alarms and abnormal situations that prevent them from responding quickly enough to prevent safety-related incidents, environmental issues, shutdowns and equipment damage. Analytics address the problem of poorly applied alarm management that otherwise results in excessive alarms and events, which operators routinely ignore.
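The kind of quantitative event-log analysis described above can be sketched as follows. This is an added example, not code from the article or from any Yokogawa product: the log format, tag names and the flood threshold (more than 10 alarms per 10 minutes per operator console) are assumptions, and the sample data is constructed.

```python
from collections import Counter, deque
from datetime import datetime, timedelta

FLOOD_THRESHOLD = 10             # assumed: alarms per window per operator console
WINDOW = timedelta(minutes=10)   # assumed rolling window length

def sample_log():
    """Constructed event log lines: timestamp,console,tag,event."""
    base = datetime(2024, 3, 1, 8, 0, 0)
    lines = [f"{(base + timedelta(seconds=30 * i)).isoformat()},CONSOLE-A,"
             f"{'LI-200.PVHI' if i % 3 else 'FIC-101.PVLO'},ALM" for i in range(12)]
    lines.append("2024-03-01T08:02:10,CONSOLE-A,LI-200.PVHI,RTN")
    lines.append("2024-03-01T09:00:00,CONSOLE-A,TI-305.PVHI,ALM")
    lines.append("2024-03-01T08:01:00,CONSOLE-B,PI-410.PVHI,ALM")
    return lines

def parse(lines):
    """Yield (timestamp, console, tag) for annunciated alarms only."""
    for line in lines:
        ts, console, tag, event = line.strip().split(",")
        if event == "ALM":       # skip returns-to-normal and acknowledgements
            yield datetime.fromisoformat(ts), console, tag

def find_floods(lines):
    """Return flood periods as (console, start, end, peak_alarms_in_window)."""
    windows, open_flood, floods = {}, {}, []
    for ts, console, _ in sorted(parse(lines)):
        win = windows.setdefault(console, deque())
        win.append(ts)
        while ts - win[0] >= WINDOW:          # drop alarms older than the window
            win.popleft()
        if len(win) > FLOOD_THRESHOLD:        # operator is in a flood
            start, _, peak = open_flood.get(console, (win[0], ts, 0))
            open_flood[console] = (start, ts, max(peak, len(win)))
        elif console in open_flood:           # rate fell back: close the flood
            floods.append((console, *open_flood.pop(console)))
    floods.extend((c, *f) for c, f in open_flood.items())
    return floods

def bad_actors(lines, top=3):
    """Most frequent alarm tags, the first candidates for rationalization."""
    return Counter(tag for _, _, tag in parse(lines)).most_common(top)
```
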

For dynamic alarm management, an advanced alarm administrator allows for alarm review, alarm optimizing and enhancement of alarm responses by simplifying the process of alarm reduction and minimizing alarm flooding.

End users who are planning to consolidate their control rooms and design their alarm systems to comply with the ISA 18.2 standard will benefit from the practical and immediate solutions that the suite enables.

Digital process safety lifecycle management

Digital process-safety lifecycle management enables sustainable safety and simplifies safety compliance, which has traditionally been complicated and resource-intensive.

The process safety lifecycle per IEC 61511 and ISA84 requires subject matter experts to conduct a process hazard analysis (PHA), which identifies potential scenarios that could lead to loss of containment events. Upon completion of the PHA, a layer of protection analysis (LOPA) quantifies the risk and ensures adequate protection is included in the safety instrumented system (SIS) design. Automating the process and implementing it as a digital twin enables sustainability and significantly simplifies compliance (Figure 3).

FIGURE 3. In the workflow for sustainable process safety, the LOPA is the foundation of a successful functional safety management program (credit: Yokogawa)

Having established that the LOPA is the foundation of a successful functional safety management program, the next step is to provide an interface to the “actual” system behavior for comparison with the “expected” behavior in the LOPA report. The digital risk management solution retrieves event data directly from the distributed control system (DCS), SIS or the plant historian. By flagging discrepancies, users are empowered to take action to minimize previously invisible or unknown risks.

In daily operations, a sustainable digital risk-management system that allows comparisons of actual versus expected behavior must track the KPIs with risk impacts. The American Petroleum Institute (API) recommended practice RP-754 provides very good guidance. API RP-754 establishes a philosophy that assesses leading indicators to protect against future loss of primary containment events in addition to events that have already occurred.

In the pyramid, Tier 1 and Tier 2 events tend to be reactive. API RP-754 refers to them as lagging indicators. The digital risk-management solution puts more emphasis on Tier 3 and Tier 4 events as leading indicators. While API RP-754 does not specify exactly which KPIs to track, digital risk management focuses on the assumptions made in the LOPA or SIS design that could alter a risk profile.

A digital risk-management solution should be able to track information that confirms assumptions made to move a hazardous scenario into a tolerable area on the corporate risk matrix. These variables can include actual demand rates versus those assumed, and testing and maintenance performed per the reliability calculations. Supported work functions include validating trip events to credit when feasible, immediate risk assessment to support bypassing and tracking spurious trip rates to increase availability without sacrificing safety. The digital twin applies across the entire enterprise. All the performance data can roll into a single metric that measures overall performance across all protection layers against assumptions made during the initial design and maintained over the life of the facility. The fundamental concept behind the KPI is leveraging logic used in a LOPA study, where the team evaluates potential hazardous scenarios by establishing the severity of the event and the likelihood of the event occurring.
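The comparison of "actual" against "expected" behavior can be illustrated with a short sketch that checks event data against the assumptions recorded in a LOPA. This is an added example, not the vendor's implementation: the record layout, the event kinds, the safety function names and all values are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

@dataclass
class LopaAssumption:          # hypothetical record of what the LOPA / SIS design assumed
    demands_per_year: float    # demand rate placed on the safety function
    spurious_per_year: float   # spurious trip rate
    test_interval_days: int    # proof-test interval from the reliability calculation

# Constructed sample data: assumptions per safety function, and events
# as they might be exported from the DCS, SIS or plant historian.
ASSUMED = {
    "SIF-101": LopaAssumption(0.1, 0.5, 365),
    "SIF-205": LopaAssumption(1.0, 0.5, 180),
}
EVENTS = [
    ("SIF-101", date(2023, 3, 14), "DEMAND"),
    ("SIF-101", date(2023, 6, 1), "PROOF_TEST"),
    ("SIF-101", date(2023, 9, 2), "DEMAND"),
    ("SIF-101", date(2024, 5, 20), "PROOF_TEST"),
    ("SIF-205", date(2023, 2, 1), "PROOF_TEST"),
    ("SIF-205", date(2023, 4, 9), "SPURIOUS"),
    ("SIF-205", date(2023, 11, 30), "DEMAND"),
    ("SIF-205", date(2024, 7, 22), "SPURIOUS"),
    ("SIF-205", date(2024, 10, 15), "PROOF_TEST"),
]

def review(assumed, events, start, end):
    """Return (sif, kpi, expected, actual) for each assumption the data contradicts."""
    years = (end - start).days / 365.25
    findings = []
    for sif, a in assumed.items():
        mine = sorted((d, kind) for s, d, kind in events
                      if s == sif and start <= d <= end)
        for kind, kpi, limit in (("DEMAND", "demand_rate", a.demands_per_year),
                                 ("SPURIOUS", "spurious_rate", a.spurious_per_year)):
            rate = sum(k == kind for _, k in mine) / years
            if rate > limit:
                findings.append((sif, kpi, limit, round(rate, 2)))
        # Longest stretch without a proof test; the period start is treated
        # as a test date (assumption) and the run up to period end counts too.
        marks = [start] + [d for d, k in mine if k == "PROOF_TEST"] + [end]
        gap = max((b - c).days for c, b in zip(marks, marks[1:]))
        if gap > a.test_interval_days:
            findings.append((sif, "proof_test_gap_days", a.test_interval_days, gap))
    return findings
```
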

Digital risk management also allows the process safety team to focus on risk reduction in terms of financial impacts and benefits to the business. Not only does this align them with senior management, but it also allows them to justify investments in safety projects in a manner that is comparable to all other prospective capital projects. The safety lifecycle program thus transitions from purely a cost of doing business to an asset.

Shift team effectiveness

Numerous major disasters illustrate the risks to which process manufacturers are exposed when shift handover practices are lacking, including the following:

  • Piper Alpha, 1988 – Poor shift management, communication and unstructured shift handover processes resulted in a loss of containment, explosion and permanent loss of the entire oil platform and 167 fatalities.
  • Texas City, 2005 – Poor shift management, communication and unstructured shift handover processes combined with poor adherence to procedures and other systemic failures resulted in a loss of containment, explosion and 15 fatalities.
  • Buncefield, 2005 – An instrument failure compounded by poor cross-facility shift management, communication and unstructured shift handover processes resulted in a loss of containment, explosion and permanent loss of 20 storage tanks and 60 million gallons of fuel products.

Most often, fortunately, organizations that are considering digital transformation initiatives simply uncover sub-optimal execution of their production and maintenance plans. Typically, their shift execution approaches have not grown in line with best practices and digitalization tools.

This is especially evident in shift handovers where there are data and communication gaps. From one shift to the next, there is missing information, lack of work item updates, illegible handwriting and written notes that prevent further analysis.

Operations also often find that certain shifts have more efficient handovers than others. To remedy this inconsistency, a change management program could be an important aspect of a successful implementation of digital tools to support shift and plant team improvements.

A recent, digitalized shift team effectiveness standard consists of 14 discrete elements, which are built on best practice experience (Figure 4).

FIGURE 4. A comprehensive shift team effectiveness standard consists of 14 discrete elements, which are built on best practice experience (credit: Yokogawa)

As a non-prescriptive standard based on extensive industry experience and the benchmarking of process industry best practices, the standard offers flexibility. A digital-transformation or production-improvement project team will be able to adapt these best practices to fit their needs, resulting in superior plant-shift-team performance.

In a recent application, a chemical manufacturer has realized the following benefits from the application of digitalized, functional safety management with controlled work including the shift team effectiveness standard:

  • A structured shift log and handover template provides complete information. The end-user expects to see up to a 90% improvement in shift handover completeness after the program ends
  • Process-specific related information supports data analysis and simplifies troubleshooting
  • Improvements in task tracking enable a reduction in outstanding work items. The user group reports a greater than 95% improvement in the follow-up on high-priority work instructions
  • Legible log sheets (compared to handwritten logs) deliver a 90% improvement in the capture of shift log information

Supporting information now includes pictures and documents, which directly upload to the workflow.

Digitalized controlled work

In 2019, 5,333 fatal work injuries were recorded in the U.S. This is the highest since 2007. Compounded with the COVID-19 pandemic, this means that the safety and well-being of workers have never been so important. A recent survey indicated that worker health protection and safe operations were the highest priorities for new technology spending in 2021.

A team consisting of manufacturers and suppliers has identified best practices for risk management and safety — leading to a scalable, digital solution for a process that had been traditionally paper-based (Figure 5). It has allowed manufacturers to place risk assessments in the hands of those who are working on the front lines every day. It is based on experience that the best way to spot and manage risks is to make it easy for everyone to become involved.

FIGURE 5. These ingredients are key to a comprehensive permit-to-work solution (credit: Yokogawa)

The system allows users, regardless of their expertise, to simply specify the work being done, under which conditions, and using which tools — and rapidly identify possible risks as well as preventative measures. The digital system searches through a comprehensive database consisting of millions of hours of actual work situations and management experience to produce risk assessments and mitigations.

In the digital age of the safe, connected worker, the digital methodology also enables plants to achieve increased efficiency with less downtime and greater energy savings.

Final thoughts

Since the CPI are typically very traditional, it is often the case that many plants continue doing things the “old-fashioned” way. Embracing digital transformation and moving from aged, manual processes to digital solutions that add value enables significantly increased plant safety and process optimization. Digital transformation simplifies the integration of new digital applications such as alarm lifecycle management, functional-safety lifecycle management, shift team effectiveness, and permit-to-work.

As the first line of defense, alarm management provides a strong indication that the process is approaching the edge of the safe operating envelope. Process safety management leverages real-time operational data to validate risk levels and protection performance to ensure improved business decision-making to safely maximize profitability.

Shift team effectiveness ensures seamless communications, which interface key data from multiple systems, and provides a consistent, structured handover process that eliminates dips in productivity and minimizes operator errors that can lead to an incident.

Consolidating these methods in a common database provides transparency to controlled work, which minimizes potential incidents as both internal and external field workers execute in potentially hazardous scenarios.

Edited by Dorothy Lozowski


Taylor Schuler

Taylor Schuler is the Digital Transformation & Safety leader at Yokogawa (12530 W. Airport Blvd., Sugar Land, TX, 77478; Phone: +1 (346) 436-0837). He has had a 20-year career in digitally transforming companies in the oil-and-gas industry. He is experienced in designing, implementing and taking to market digital twins with a focus on safety and continuous improvement towards profitability. He takes pride in simplifying complex solutions from the board room to the shop floor. He is passionate about all things “Tennessee Volunteers” from his nuclear engineering degree achieved the last time the Vols won the National Championship in football.